Sun Alert 102971 Multiple Memory Corruption Vulnerabilities in Mozilla 1.7 for Solaris 8, 9 and 10

Product: Mozilla v1.7, Solaris 9 Operating System, Solaris 10 Operating System, Solaris 8 Operating System

A number of memory corruption vulnerabilities have been found in the Mozilla application which may allow a remote user who is able to create a web page which is visited by a local user using the Mozilla browser, or who sends a specially crafted email that is read by a local user using Mozilla, to either cause the Mozilla application to crash or execute arbitrary code via Javascript with the privileges of the user running Mozilla. The ability of a remote user to cause the Mozilla application to crash is a type of Denial of Service (DoS).

The following Mozilla advisory describes nine separate memory corruption issues:

This Sun Alert corresponds to the following five issues described in the Mozilla advisory above:

FireMenuItemActiveEvent called at unsafe times (Boris Zbarsky):

Potential string class buffer overruns in out-of-memory case (Darin Fisher, Daniel Veditz):

Crashes involving table row and column groups (Jesse Ruderman, Martijn Wargers):

crypto.generateCRMFRequest callback can run on deleted context (shutdown):

Note: Mozilla 1.7 is not affected by the below vulnerabilities mentioned in the advisory:

Crashes referencing removed nodes (Jesse Ruderman, Martijn Wargers):

Additional references:

Avoidance: Patch, Workaround
State: Resolved
First released: 26-Jun-2007
Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today